Patents by Inventor Ryan Kastner
Ryan Kastner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10990723Abstract: Disclosed are devices, apparatuses, systems, computer readable media, and methods for improving the security of circuitry designs using HDL code. In one aspect a method is disclosed. the method includes receiving a hardware design language (HDL) representation of a circuit; inserting flow tracking into the HDL representation, wherein the flow tracking adds one or more security labels that are tracked throughout the circuit; and generating an enhanced HDL representation of the circuit, wherein the enhanced HDL representation comprises the HDL representation and the flow tracking, wherein the enhanced representation including the one or more security labels that are tracked throughout the circuit enables a security determination a model for tracking timing-based information flows through HDL code is disclosed. The disclosed technology is used to verify security properties on a variety of equipment including crypto cores, bus architectures, caches and arithmetic modules.Type: GrantFiled: March 14, 2019Date of Patent: April 27, 2021Assignee: THE REGENTS OF THE UNIVERSITY OF CALIFORNIAInventors: Ryan Kastner, Armaiti Ardeshiricham, Wei Hu
-
Patent number: 10719631Abstract: The present disclosure includes systems and methods relating to information flow tracking and detection of unintentional design flaws of digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving one or more security properties specifying a restriction relating to the one or more labels for implementing an information flow model; generating the information flow model; performing verification using the information flow model, wherein verification comprises verifying whether the information flow model passes or fails against the one of more security properties; and upon verifying that the information flow model passes, determining that an unintentional design flaw is not identified in the hardware design.Type: GrantFiled: July 27, 2017Date of Patent: July 21, 2020Assignees: Tortuga Logic Inc., The Regents of the University of CaliforniaInventors: Wei Hu, Ryan Kastner, Jason K. Oberg
-
Publication number: 20190286763Abstract: Disclosed are devices, apparatuses, systems, computer readable media, and methods for improving the security of circuitry designs using HDL code. In one aspect a method is disclosed. the method includes receiving a hardware design language (HDL) representation of a circuit; inserting flow tracking into the HDL representation, wherein the flow tracking adds one or more security labels that are tracked throughout the circuit; and generating an enhanced HDL representation of the circuit, wherein the enhanced HDL representation comprises the HDL representation and the flow tracking, wherein the enhanced representation including the one or more security labels that are tracked throughout the circuit enables a security determination a model for tracking timing-based information flows through HDL code is disclosed. The disclosed technology is used to verify security properties on a variety of equipment including crypto cores, bus architectures, caches and arithmetic modules.Type: ApplicationFiled: March 14, 2019Publication date: September 19, 2019Inventors: Ryan Kastner, Armaiti Ardeshiricham, Wei Hu
-
Patent number: 10289873Abstract: The present disclosure includes systems and techniques relating to information flow and hardware security for digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving a security property specifying a restriction relating to the one or more labels for implementing a secure information flow in the hardware configuration; designating each of the one or more labels to a corresponding security level in accordance with the specified restriction; and automatically assigning a respective value to each of the one or more labels in the hardware design, wherein each respective value is determined in accordance with the corresponding security level designated for each of the one or more labels.Type: GrantFiled: April 28, 2016Date of Patent: May 14, 2019Assignee: Tortuga Logic Inc.Inventors: Jason K. Oberg, Jonathan Valamehr, Ryan Kastner, Timothy Sherwood
-
Patent number: 10083305Abstract: A preferred method for providing multi-level security to a gate level information flow receives or specifies a security lattice having more than two security levels. The security lattice defines how security levels relate to each other. A hardware design implementing information flows including flows having security levels specified by the security lattice is received. Logic is created for testing the hardware design in view of the security lattice. A logic function is created based upon the hardware design and the logic for testing to implement the security lattice. Another method receives a hardware design in a hardware description language. At least a portion of the hardware design is synthesized to gate level primitives. Functional component tracking logic supporting more than two-security levels is built from the gate level primitives. Functional components in the hardware design are simulated with the functional component tracking logic.Type: GrantFiled: March 14, 2014Date of Patent: September 25, 2018Assignee: The Regents of the University of CaliforniaInventors: Ryan Kastner, Jason Oberg, Wei Hu, Timothy Sherwood, Mohit Tiwari
-
Publication number: 20180032760Abstract: The present disclosure includes systems and methods relating to information flow tracking and detection of unintentional design flaws of digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving one or more security properties specifying a restriction relating to the one or more labels for implementing an information flow model; generating the information flow model; performing verification using the information flow model, wherein verification comprises verifying whether the information flow model passes or fails against the one of more security properties; and upon verifying that the information flow model passes, determining that an unintentional design flaw is not identified in the hardware design.Type: ApplicationFiled: July 27, 2017Publication date: February 1, 2018Inventors: Wei Hu, Ryan Kastner, Jason K. Oberg
-
Publication number: 20170316227Abstract: The present disclosure includes systems and techniques relating to information flow and hardware security for digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving a security property specifying a restriction relating to the one or more labels for implementing a secure information flow in the hardware configuration; designating each of the one or more labels to a corresponding security level in accordance with the specified restriction; and automatically assigning a respective value to each of the one or more labels in the hardware design, wherein each respective value is determined in accordance with the corresponding security level designated for each of the one or more labels.Type: ApplicationFiled: April 28, 2016Publication date: November 2, 2017Inventors: Jason K. Oberg, Jonathan Valamehr, Ryan Kastner, Timothy Sherwood
-
Patent number: 9305166Abstract: A method for detecting a timing channel in a hardware design includes synthesizing the hardware design to gate level. Gate level information flow tracing is applied to the gate level of the hardware design via a simulation to search for tainted flows. If a tainted flow is found, a limited number of traces are selected. An input on the limited number of traces is simulated to determine whether the traces are value preserving with respect to taint inputs, and to determine that a timing flow exists if the traces are value preserving with respect to the taint inputs.Type: GrantFiled: March 7, 2014Date of Patent: April 5, 2016Assignee: The Regents of the University of CaliforniaInventors: Ryan Kastner, Jason Oberg, Sarah Meiklejohn, Timothy Sherwood
-
Publication number: 20160026801Abstract: A preferred method for providing multi-level security to a gate level information flow receives or specifies a security lattice having more than two security levels. The security lattice defines how security levels relate to each other. A hardware design implementing information flows including flows having security levels specified by the security lattice is received. Logic is created for testing the hardware design in view of the security lattice. A logic function is created based upon the hardware design and the logic for testing to implement the security lattice. Another method receives a hardware design in a hardware description language. At least a portion of the hardware design is synthesized to gate level primitives. Functional component tracking logic supporting more than two-security levels is built from the gate level primitives. Functional components in the hardware design are simulated with the functional component tracking logic.Type: ApplicationFiled: March 14, 2014Publication date: January 28, 2016Inventors: Ryan Kastner, Jason Oberg, Wei Hu, Timothy Sherwood
-
Publication number: 20140259161Abstract: A method for detecting a timing channel in a hardware design includes synthesizing the hardware design to gate level. Gate level information flow tracing is applied to the gate level of the hardware design via a simulation to search for tainted flows. If a tainted flow is found, a limited number of traces are selected. An input on the limited number of traces is simulated to determine whether the traces are value preserving with respect to taint inputs, and to determine that a timing flow exists if the traces are value preserving with respect to the taint inputs.Type: ApplicationFiled: March 7, 2014Publication date: September 11, 2014Inventors: Ryan Kastner, Jason Oberg, Sarah Meiklejohn, Timothy Sherwood, Mohit Tiwari
-
Publication number: 20070180010Abstract: A method for reducing operations in a processing environment is provided that includes generating one or more binary representations. One or more of the binary representations are included in one or more linear equations that include one or more operations. The method also includes converting one or more of the linear equations to one or more polynomials and identifying one or more common subexpressions associated with the polynomials in order to reduce one or more of the operations. The identifying step is facilitated by an algorithm that iteratively selects divisors and then uses the divisors to eliminate common subexpressions among the linear equations. The method can also take into account the delay of expressions while performing the optimization. Further, it can optimize a polynomial to reduce the number of operations. Additionally, it can optimize the exponents of variables.Type: ApplicationFiled: January 13, 2006Publication date: August 2, 2007Applicants: University of CaliforniaInventors: Farzan Fallah, Anup Hosangadi, Ryan Kastner
-
Publication number: 20060294169Abstract: A method for reducing operations in a processing environment is provided that includes generating one or more binary representations, one or more of the binary representations being included in one or more linear equations that include one or more operations. The method also includes converting one or more of the linear equations to one or more polynomials and then performing kernel extraction and optimization on one or more of the polynomials. One or more common subexpressions associated with the polynomials are identified in order to reduce one or more of the operations.Type: ApplicationFiled: February 25, 2005Publication date: December 28, 2006Inventors: Farzan Fallah, Anup Hosangadi, Ryan Kastner